Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

Published:

31 mei 2026 om 12:22:12

Alert date:

31 mei 2026 om 13:00:26

Source:

thehackernews.com

Mobile & IoT, Network Infrastructure, Ransomware & Malware

Dutch authorities successfully dismantled a massive botnet comprising at least 17 million infected devices including computers, tablets, smartphones, and IoT devices. The botnet was used to carry out malicious attacks and was supported by more than 200 servers located in the Netherlands. The operation was conducted by Dutch Politie in collaboration with the National Cyber Security Center (NCSC). This represents a significant law enforcement action against cybercriminal infrastructure affecting millions of devices globally.

Technical details

A botnet consisting of at least 17 million infected devices including computers, tablets, smartphones, and IoT devices was dismantled by Dutch authorities. The botnet used over 200 servers located in the Netherlands as backend infrastructure. The operation was identified as Asocks, a company offering residential proxies with monthly subscriptions between $5-15. The botnet was linked to the PROXYLIB campaign involving infected Android devices with proxyware from LumiApps and Asocks. Devices became part of the botnet when malicious actors gained access and installed malware for remote control, enabling the devices to be used for cybercriminal activities.

Mitigation steps:

Keep operating systems up-to-date, maintain visibility of edge devices like routers, use strong passwords, enable two-factor authentication wherever possible, install apps from trusted sources, change default passwords, and secure Wi-Fi networks with WPA2 or WPA3

Affected products:

Android devices
Computers
Tablets
Smartphones
IoT devices
Routers

Related CVE's:

Related threat actors:

LumiApps

Asocks

IOC's:

This article was created with the assistance of AI technology by Perceptive.